ThirdAuthContent
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
auth_request |
No |
PluginThirdAuthRequest object |
Authentication API information. |
identities |
No |
PluginThirdAuthIdentities object |
User identity authentication information. |
carry_body |
No |
PluginThirdAuthCarryBody object |
Whether to allow the API request body for third-party authentication. |
carry_path_enabled |
No |
Boolean |
Whether to allow original request path. |
return_resp_body_enabled |
No |
Boolean |
Whether to return response. |
carry_resp_header |
No |
Array of strings |
Allowed response header. (If third-party authentication is successful, this header will be obtained from the response header of the authentication API and then transparently transmitted to the backend. A maximum of 10 parameters are allowed. The parameter length is from 1 to 64 characters.) |
simple_auth_mode_enabled |
No |
Boolean |
Simple authentication. (Status codes starting with "2" indicate the authentication is successful.) |
match_auth |
No |
PluginThirdAuthMatchAuth object |
Authentication result matching. |
rule_enabled |
No |
Boolean |
Whether to enable the blacklist/whitelist function. (APIs verified by the blacklist/whitelist will not be authenticated with the authentication API.) |
rule_type |
No |
String |
Blacklist/Whitelist type. This parameter is mandatory when the blacklist/whitelist function is enabled. |
parameters |
No |
Array of PluginThirdAuthParameters objects |
Blacklist/Whitelist rule parameters. |
rules |
No |
Array of PluginThirdAuthRule objects |
Blacklist/Whitelist parameter verification rules. A maximum of 100 rules are allowed. |
custom_forbid_limit |
No |
Integer |
Anti-brute force cracking threshold. (If the number of authentication attempts within 5 minutes exceeds this threshold, requests will be blocked and the authentication will fail until the next 5-minute window starts.) |
auth_downgrade_enabled |
No |
Boolean |
Relaxed mode. (The gateway receives requests from clients even if the authentication service cannot be connected or returns an error code starting with "5".) |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
method |
Yes |
String |
Authentication API request method. |
protocol |
Yes |
String |
Authentication API request protocol (HTTP not recommended). |
url_domain |
No |
String |
Authentication API address. This parameter is mandatory when no load balance channel is used. Use an IP address or a domain name, with up to 255 characters. |
timeout |
No |
Integer |
Authentication API timeout in seconds. Range: 1 ms to 60,000 ms. Default: 5,000 ms. |
path |
Yes |
String |
Authentication API path. Start with a slash (/) and use letters, digits, underscores (_), and hyphens (-). The path can contain query strings. |
vpc_channel_enabled |
Yes |
Boolean |
Whether to use a load balance channel. true: yes; false: no. |
vpc_channel_info |
No |
Load balance channel information. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
vpc_id |
Yes |
String |
Load balance channel ID. |
vpc_proxy_host |
No |
String |
Custom host header, a domain name that contains 1 to 254 characters, including letters, digits, periods (.), colons, and hyphens (-). |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
headers |
No |
Array of PluginThirdAuthIdentity objects |
Request headers. A maximum of 10 request headers are allowed. |
queries |
No |
Array of PluginThirdAuthIdentity objects |
Query strings. A maximum of 10 query strings are allowed. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
name |
Yes |
String |
Start with a letter, and use letters, digits, periods (.), underscores (_), and hyphens (-). (1 to 32 characters) |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
enabled |
Yes |
Boolean |
true: yes; false: no. |
max_body_size |
No |
Integer |
Maximum number of bytes that are allowed. It cannot exceed the maximum body size allowed in a request. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
key |
Yes |
String |
Key in the authentication response header. (1 to 64 characters) |
value |
Yes |
String |
Value in the authentication response header. (1 to 512 characters) |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
type |
Yes |
String |
Parameter type. Options:
|
name |
Yes |
String |
Parameter name. Set path to reqPath, method to method, header and query to the header and query parameter key, and system to any of [sourceIp,stage,apiId,appId,requestId,serverAddr,serverName,handleTime,providerAppId,apiName,appName,authorizer.frotend.××,authorizer.backend.××]. |
value |
Yes |
String |
Parameter source value. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
rule_name |
Yes |
String |
Name of a parameter verification rule. The name must start with a letter or digit, followed by letters, digits, colons (:), periods (.), underscores (_), parentheses (()), and slashes (/). It cannot start or end with a space. (2 to 254 characters) |
match_regex |
Yes |
String |
Parameter verification rule. A rule is indicated by [] and consists of a parameter name, matching rule (== (equal to), ~= (not equal to), in (enumerated value), ~~ (regular expression)), and matching value. Square brackets can be nested in [] and connected by OR or AND at the same level. The following example indicates that the verification is passed if the Host parameter in the header matches the regular expression ^f0269b2874ef0b65bee1f314e52aa.*$, or the request path is /a, /b, /returnRequest, or /d. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot